Abstract — In this paper, the privacy of two recent RFID tag 
ownership transfer protocols is investigated against the tag 
owners as adversaries. 

The first protocol, called ROTIV, is a scheme which provides 
privacy-preserving ownership transfer by using HMAC-based 
authentication with public key encryption. However, our passive 
attack on this protocol shows that any legitimate owner who 
has been the owner of a specific tag is able to trace it either in 
the past or in the future. Tracing the tag is also possible via an 
active attack for any adversary who is able to tamper with the tag 
and extract its information. 

The second protocol, Chen et al.'s protocol, is an ownership 
transfer protocol for passive RFID tags which conforms to the EPC 
Class1 Generation2 standard. Our attack on this protocol shows 
that the previous owners of a particular tag are able to trace it 
in the future. Furthermore, they are even able to obtain the tag's 
secret information at any time in the future, which makes them 
capable of impersonating the tag. 

I. Introduction 

Radio frequency identification (RFID) is currently considered 
the next-generation technology that is mainly used 
to identify massive objects in an automated way and will 
substitute the traditional optical barcode system in the near future. 
RFID advantages such as reducing supply chain inefficiencies 
and improving inventory flow leave no doubt that the 
dominant deployment of barcodes nowadays in the supply chain 
will be promptly taken over by RFID tags. But it has its own 
drawbacks too. 

As products flow through a supply chain, their ownership 
is transferred from one partner to the next. This transfer of 
ownership extends to the RFID tags attached to these products. 
Thus all information associated with the tag will need to be 
passed from the current to the new owner. However, at the 
moment of tag ownership transfer, both the current and new 
owners have the information necessary to authenticate a tag, 
and this fact may cause an infringement of tag owner privacy. 

To handle this problem, tag ownership transfer protocols are 
proposed to transfer the ownership of a tag from one owner to 
another securely. The proposed schemes for ownership transfer 
protocols are divided into two groups. Some schemes exploit 
a trusted third party (TTP) which acts as a secure channel to 
transfer some information between the entities. One of the first 
solutions of this kind was proposed by Saito et al. However, 
the security of their scheme is based only on the short read 
range of the backward channel (tag to reader communication), 
by assuming that it is hard for adversaries to eavesdrop on this 
channel. Another scheme with a TTP is proposed by Molnar 
et al. They exploit the TTP to manage tag keys by 
a tree structure. But in this protocol one key is shared by 
several tags, which makes this protocol vulnerable. The privacy 
of the whole system decreases quickly when more tags are 
compromised. 

There also exist some decentralized proposals without using a 
TTP. Most of these schemes make the following two assumptions: 
there is a secure channel between the current and new owner to 
pass the tag's information securely, and the 
new owner and the tag will be able to execute an authentication 
session in an isolated environment, without the presence of the 
current owner, after the ownership transfer is completed in 
order to update some secret parameters. 
For instance, Soppera and Burbridge [9] adopt the scheme 
of Molnar et al. by replacing the TTP with some distributed 
local devices called RFID acceptor tags. In [13], the authors 
have also proposed a decentralized protocol relying on the 
assumption that owners are able to change the tag key in 
an isolated environment. However, this protocol has security 
vulnerabilities well described in [14]. Song et al. proposed 
a scheme with the introduction of a new property called 
authorization recovery, which facilitates the ownership transfer of a 
tag to its previous owner. But Pedro et al. showed that 
their scheme has some vulnerabilities as well. 
Recently, two other tag ownership transfer protocols have 
been proposed. The first scheme is called RFID ownership 
transfer with issuer verification (ROTIV) [16], which provides 
a constant-time, privacy-preserving tag ownership transfer. 
ROTIV's main idea is to combine HMAC-based 
authentication with public key encryption. The second scheme, 
proposed by Chen et al., is an RFID 
ownership transfer system which conforms to the requirements 
of the EPCglobal Class-1 Generation-2 Standard. 
Our Contribution. In this paper, we investigate the privacy 
of the two aforementioned ownership transfer protocols. The 
investigation includes some attacks that violate the forward and 
backward privacy as well as the previous and new owner privacy 
properties of the schemes. 

Outline. The remainder of this paper is organized as follows. 
Section II describes the privacy issues and properties required 
for tag ownership transfer protocols as well as the system and 
adversary models. In Sections III and IV the descriptions 
of the ROTIV and Chen et al. protocols and our attacks 
on them are presented, respectively, and finally Section V 
concludes the paper. 

II. Preliminaries 

To lend clarity to our discussions in the subsequent sections, 
in this section we outline the models and properties used in 
ownership transfer protocols. 

A. System Model 

In ownership transfer protocols, there are mainly three active 
entities involved: current owner, tag and new owner. The 
owners in an ownership transfer protocol are in practice readers 
which take the role of ownership in these kinds of 
protocols. The ownership transfer protocols typically provide 
a solution to transfer the tag's information from the current 
owner to the new owner. 

Most of the ownership transfer protocols consist of two phases, 
an authentication phase and an ownership transfer phase. 
By the former phase, the tag and two owners are mutually 
authenticated, and the latter phase assures all three entities 
that the ownership of the tag is transferred in a proper and 
privacy-preserving way. 

B. Privacy Properties 

Generic privacy properties and how to formalize them for 
RFID systems have been extensively explored in the literature. 
The two generic privacy properties we address 
in this paper are: 

• Backward Privacy: an adversary should not be able to 
trace past transactions between an owner and a tag, even 
if it compromises/tampers with the tag. 

• Forward Privacy: an adversary should not be able to 
trace future transactions between an owner and a tag, even 
if it compromises/tampers with the tag. 

On the other hand, in tag ownership transfer protocols changes 
of tag owner could occur frequently, and at the moment of tag 
ownership transfer both the current and new owners have the 
information necessary to authenticate a tag, and this fact may 
cause an infringement of tag owner privacy. Therefore, there 
are two extra privacy issues dedicated to ownership transfer 
protocols in the literature [10], [13]: 

• New owner privacy: Once ownership of a tag has been 
transferred to a new owner, only the new owner should be 
able to identify and control the tag. The previous owner 
of the tag should no longer be able to identify or trace 
the tag. 

• Current/previous owner privacy: When ownership of a 
tag has been transferred to a new owner, the new owner of 
a tag should not be able to trace past interactions between 
the tag and its previous owner. 



C. Adversary Model 

Juels and Weis give a formal model of privacy in 
RFID systems. In this model, tags (T) and readers/owners (R) 
interact in protocol sessions. During this interaction there is 
also an adversary entity A which passively or actively interacts 
with them. The adversary may have access to an oracle which 
can be queried by the following queries: 

• Execute(T, R, i): This query is answered with the 
information of the interactions of T and R in an honest protocol 
session at time instance i. 

• Send($P_1$, $P_2$, i, m): This query models active attacks by 
allowing the adversary A to impersonate some entity $P_1$, a 
tag or a reader, in some protocol session i and send 
a message m of its choice to an instance of some other 
entity $P_2$. 

• Corrupt(T): This query allows the adversary A to 
tamper with the tag to learn the stored secret information of 
the tag T. 

• Test(i, $T_0$, $T_1$): This query is answered with a random bit 
$b \in \{0, 1\}$ and the interaction information of the tags $T_0$ 
and $T_1$ with the reader/owner at the $i$-th time instance. 

D. Attack Scenario 

The adversary A aims at tracing a specific target tag 
T. To do so, she 

• gathers the information she requires about the target tag 
T by means of the queries previously described; 

• chooses two test tags $T_0$ and $T_1$, where one of them is T, 
and asks the oracle for the challenge by a Test query. The 
response will be the interactions between the tags $T_0$ and $T_1$ 
and the reader R at a specific time instance. 
The adversary succeeds in violating the privacy of the tag by 
tracing it if she is able to distinguish the tag T between the 
two tested tags by outputting 0 or 1. 

E. Notations 

Here, we explain the notations used hereafter. 

• $E_k(\cdot)$: Symmetric/asymmetric encryption function operation 
with the key k. 

• $pk_X, sk_X$: Public and private key of entity X, 
respectively. 

• $h_k(\cdot)$: Keyed hash function with key k. 

• $h(\cdot)$: Hash function. 

• $PRNG(\cdot)$: Pseudo-random number generator. 

• $T, O_n, O_{n+1}$: Tag, current owner and new owner. 

• $ID_X$: The identification (ID) of entity X. 

• $N_X$: Random numbers generated by entity X. 

• $m_i$: Dynamic value m at time instance i. 

III. ROTIV Protocol 

ROTIV is a decentralized scheme which does not require 
a trusted third party to perform tag ownership transfer. This 
protocol provides issuer verification that allows prospective 
owners to check the identity of the entity which has issued the 
tag. The authors have claimed that their scheme ensures both 
forward and backward privacy and that it also preserves current 
and new owner privacy. 

There are four entities involved in the protocol: a tag T, the current 
owner $O_n$, the new owner $O_{n+1}$ and the issuer I, which initializes the 
tag and owners. 

In ROTIV, T stores a symmetric key k and a state parameter 
s, where k is a key shared between the tag and its owner and 
s is an Elgamal encryption of T's identification information. 

A. Preliminaries 
Bilinear pairing 

Let $G_1$, $G_2$ and $G_T$ be groups of the 
same prime order q. A pairing $e : G_1 \times G_2 \to G_T$ is a bilinear 
pairing if it has the following properties: 

1) bilinear: $\forall a, b \in \mathbb{Z}_q$, $g_1 \in G_1$ and $g_2 \in G_2$, 
$e(g_1^a, g_2^b) = e(g_1, g_2)^{ab}$; 

2) computable: there is an efficient algorithm to compute 
$e(g_1, g_2)$ for any $(g_1, g_2) \in G_1 \times G_2$; 

3) non-degenerate: if $g_1$ is a generator of $G_1$ and $g_2$ is a 
generator of $G_2$, then $e(g_1, g_2)$ is a generator of $G_T$. 

B. Description 

Setup: The issuer I outputs $(q, G_1, G_2, G_T, g_1, g_2, e)$, 
where $G_1$, $G_T$ are subgroups of prime order q, $g_1$ and 
$g_2$ are random generators of $G_1$ and $G_2$ respectively, and 
$e : G_1 \times G_2 \to G_T$ is a bilinear pairing. 
The issuer chooses x and computes the pair $(g_1^x, g_2^x)$. 
I's public and secret keys are: 

$$sk_I = (x, g_1^x), \quad pk_I = g_2^x \tag{1}$$

I randomly selects $\alpha_n \in \mathbb{Z}_q^*$ and provides each owner $O_n$ with 
a secret key $sk_{O_n} = \alpha_n$ and a public key $pk_{O_n} = (g_1^{\alpha_n^2}, g_2^{\alpha_n})$. 
All owners know each other's public keys. 

Tag Initialization: The issuer I picks a random number 
$t \in \mathbb{F}_q$, where $\mathbb{F}_q$ is the finite field with q elements. Using 
a cryptographic hash function $h : \mathbb{F}_q \to G_1$, I computes 
$u_0 = 1$ and $v_0 = h^x(t)$. Finally, I randomly chooses a key 
$k_0 \in \mathbb{F}_q$ and stores $(k_0, s_0)$, where $s_0 = (u_0, v_0)$, into the 
tag. I also provides $O_n$ with T's information $ref^{O_n}$. This 
information includes two dynamic values $k_{old}$, $k_{new}$, which 
are updated after each successful transaction, and two static 
values $\delta = t$, $\psi = h^x(t)$, which represent the identification of 
the issuer of the tag. 

$$ref^{O_n} = (k_{old}, k_{new}, \delta, \psi) = (k_0, k_0, t, h^x(t)) \tag{2}$$

Before accepting the tag, the owner can read the tag and check 
the authenticity of the static values of the tag: 

$$e(h(\delta), pk_I) = e(\psi, g_2) \tag{3}$$

Ownership Transfer: The ROTIV ownership transfer protocol 
(Fig. 1) is a combination of two mutual authentication 
sessions between the tag and the current and new owners with the 
ownership transfer protocol between the current owner $O_n$ and 
the new owner $O_{n+1}$. 

In the $i$-th time instance of the ROTIV protocol: 

1. The new owner $O_{n+1}$ generates a random nonce $N_{O_{n+1}}$ and 
sends it to the tag and the current owner simultaneously. 

2. The tag T also generates a random number $N_T$ and 
sends it with its status parameter $s_i = (u_i, v_i)$ and a hash 
$m_i = h_{k_i}(N_{O_{n+1}}, N_T, s_i)$ to the new owner. 

3. $O_{n+1}$ selects a random number $r_v$ and computes $A_v$. 
Then, it sends $N_{O_{n+1}}$, $N_T$, $s_i$, $m_i$ and $A_v$ to the current owner 
$O_n$. In this way, $O_n$ is able to authenticate the tag by 
computing, 

(4 » 

Then, it searches in the database to see if $\psi$ is in the database 
or not. If not, it aborts authentication. Otherwise, it looks up 
T's ownership references $ref^{O_n}$ in the database to check if 
$m_i = h_{k_{new}}(N_{O_{n+1}}, N_T, s_i)$ or $m_i = h_{k_{old}}(N_{O_{n+1}}, N_T, s_i)$. 
For the former case $k_i = k_{new}$ and for the latter case 
$k_i = k_{old}$. 

4. If the authentication process succeeds, $O_n$ gives $O_{n+1}$ the 
following information via a secure channel: 



ref v = (A,B,C) = (t,h x (t),A^) 



(5) 



$$ref^{O_n} = (k_{old}, k_{new}, \delta, \psi) = (k_i, k_{i+1}, t, h^x(t)) \tag{6}$$

The new owner $O_{n+1}$ checks the validity of the provided 
information by (3). 

Now, the new owner can verify whether the issuer of the tag 
T is I by checking whether the following equations hold: 

$$e(h(A), pk_I) = e(B, g_2) \tag{7}$$
e(C,g 2 ) = e(A v ,g^) (8) 
e(^, ff2 ) r " = e {B,g 2 )^e{C,g^) (9) 

5. If the verification succeeds, $O_{n+1}$ chooses a new random 
number $r_{i+1}$ and computes: 

s l+1 = (u llVl ) = (s^ 1 ,h x (t).gf" ri+1 ) (10) 

$$m_{i+1} = h_{k_i}(N_T, s_{i+1}) \tag{11}$$

and sends $s_{i+1}$, $m_{i+1}$ to the tag and updates its database. Now, 
T authenticates $O_{n+1}$ by checking the content of $m_{i+1}$. If the 
authentication succeeds, T updates its state parameter to $s_{i+1}$ 
and its symmetric key to the new key $k_{i+1}$, where 

$$k_{i+1} = PRNG(k_i, N_{O_{n+1}}) \tag{12}$$



In order to prevent the current owner from tracing the tag later 
in the future, the new owner has to run a mutual authentication 
with the tag outside the range of the current owner after the 
ownership transfer is complete. 
Fig. 1. Ownership transfer in ROTIV (messages shown: $N_{O_{n+1}}$; $m_i, s_i, N_T, A_v$; $m_{i+1}, s_{i+1}$) 



C. Our Attacks 

In this attack, we mainly target the ownership privacy, 
including current and new owner privacy, of the ROTIV protocol. 
Correspondingly, the adversary A has been one of the owners 
of the tag T at least once. For example, without loss of 
generality, we can assume that $A = O_n$. Therefore, at a time 
instance, e.g. i, she has had access to the tag's information 
$ref^{O_n}$. We also assume that the adversary is passive and thus 
has access only to Execute and Test queries. 
According to the attack scenario described in Section II-D, 
the adversary follows the procedure below to trace the tag T 
by distinguishing which of the two test tags, $T_0$ and $T_1$, 
is T. 

1) A retrieves the static information of the tag T, $\delta = t$, 
$\psi = h^x(t)$, from the information she has been given at 
time i, $ref^{O_n}$. 

2) A queries Test(j, $T_0$, $T_1$) and obtains (13) and (14), 

$$\{N_{O_l}, N_{T_0}, m_j, m_{j+1}, s_j, s_{j+1}\} \tag{13}$$

$$\{N_{O_l}, N_{T_1}, m'_j, m'_{j+1}, s'_j, s'_{j+1}\} \tag{14}$$

which are the messages exchanged between the owner 
$O_l$ and tags $T_0$ and $T_1$ respectively. 

3) A saves $s_j = (u_j, v_j)$ and $s'_j = (u'_j, v'_j)$. 

4) A checks whether (15) or (16) holds, 



e(w,-,0 2 ) 
e(v'j,g2) 



e(h(S),pki)e 



e(h(S),pkj)e 



(P92 

1p 



(15) 



(16) 



5) If (15) is correct then A outputs 0, i.e. $T = T_0$; otherwise 
she outputs 1, i.e. $T = T_1$. 

Note that we can write (15) because according to the bilinear 
pairing properties of e, we have: 

e(v it g 2 ) = e(h x (t).g a ^,g 2 ) 
= e^.g a ^,g 2 ) 
= e(' f P,g2)e{gi' r ' ,g 2 ) 

2 

= e(h(5),g%)e(g* ,r \g 2 ) 

2 

= e{h{S),pk I )e(g"' r \g 2 ) 
= e(h(6),pki)e((^),g 2 

Using the scenario above, any owner in the protocol who 
has had the ownership of the tag T is able to trace it. It is 
worth mentioning that since the update procedure of the state 
values s is performed independently of their previous values 
(step 5 of ownership transfer), the aforementioned tracing 
scenario can be applied both to the state values of the past 
and to those of the future. Hence any owner who has had access to the 
static values of a tag is able to trace it at any time in the past 
or future by only eavesdropping on the state parameter s of the tag. 
It implies that the ROTIV protocol lacks both the previous owner 
and new owner privacy properties. 

Remark 1. It should be noted that if an adversary A' has 
access to the Corrupt query, which gives her the privilege 
to tamper with the tag and access the tag's static information 
$t, h^x(t)$, her state of knowledge about the tag is exactly the 
same as that of the adversary A in the stated attack. Hence, she 
will also be able to exploit (15) to trace T at any time in the 
past and future. This implies that the ROTIV protocol lacks 
forward and backward privacy as well. 

IV. Chen et al.'s Protocol 

Chen et al.'s protocol is designed to meet the 
requirements of the EPC Class 1 Generation2 standard (ISO18000-6C) for 
passive RFID tags. According to this standard, RFID tags' 
computation capabilities are restricted to only performing a 
16-bit Cyclic Redundancy Code (CRC) and a 16-bit 
Pseudo-Random Number Generator (PRNG). 

The authors have claimed that their scheme ensures both 
forward and backward privacy and that it also preserves current 
and new owner privacy. 

There are four entities involved in the protocol: a tag T, the current 
owner $O_n$, the new owner $O_{n+1}$ and the issuer I, which issues a 
new issuer identification to be stored into the tags after each 
ownership transfer phase. 

A. Description 

Chen et al.'s ownership transfer protocol consists of three 
phases: requiring phase, authentication phase and ownership 
transfer phase. In Chen et al.'s protocol, T stores two 
dynamic symmetric keys $k_i$, $k_i^*$ and $h(t_i)$, which is the 
hash of the issuer identification. In addition to the tag's 
information, the owner has the issuer identification $t_i$. 
In the $i$-th time instance of the requiring phase (Fig. 2), the current 
owner first signs the tag's certificate $t_i$ and the identification 
of the new owner: 

$$SG_{O_n} = Sign_{sk_{O_k}}(t_i, ID_{O_{n+1}}) \tag{17}$$

After that, it encrypts this message with the next owner's 
public key to get $C_i$, 

$$C_i = E_{pk_{O_{n+1}}}(t_i, SG_{O_n}) \tag{18}$$

and transfers the message $(ID_{O_k}, C_i)$ to the new owner $O_{n+1}$. 
In the authentication phase (Fig. 3), the current owner first 
generates a random number $N_{O_n}$ and then computes $A_i$, 

$$A_i = CRC(k_i \oplus N_{O_n}) \tag{19}$$

and sends it with $N_{O_n}$ to the tag. Upon receiving these 
messages, the tag verifies the content of the message $A_i$. If the 
verification succeeds, the tag generates a new random value 
$N_T$ and computes $X_i$, $Y_i$ and $Z_i$ as follows. 

$$X_i = CRC(N_T \oplus k_i^*) \tag{20}$$

$$Y_i = k_i^* \oplus ID_T \oplus X_i \oplus k_{i+1} \tag{21}$$

$$Z_i = CRC(X_i \oplus k_i \oplus Y_i) \tag{22}$$

Moreover, the tag updates its keys as: 

$$k_{i+1} = (k_i^* \oplus ID_T \oplus N_T \oplus Y_i) \tag{23}$$

$$k_{i+1}^* = PRNG(k_i^*) \tag{24}$$

and transfers $(N_T, Y_i, Z_i)$ to the current owner. Upon 
receiving the message, $O_n$ checks the content of $X_i$ and $Z_i$. If this 
verification succeeds, it obtains $k_{i+1}$ and updates its values 
accordingly. 

In the ownership transfer phase (Fig. 4), the new owner $O_{n+1}$ 
uses its own private key to decrypt $C_i$ received in the requiring 
phase and obtains $SG_{O_k}$ and $t_i$. Then, it uses $O_n$'s public 
key $pk_{O_n}$ to verify the correctness of $SG_{O_k}$. If the signature is 
verified successfully, the new owner signs its own ID 
as well as the current owner's: 

$$SG_{O_{n+1}} = Sign_{sk_{O_{k+1}}}(ID_{O_k}, ID_{O_{n+1}}) \tag{25}$$

and sends the tuple $\{ID_{O_i}, ID_{O_{i+1}}, SG_{O_i}, SG_{O_{i+1}}, t_i\}$ to 
the issuer I to issue a new issuer identification for the tag. 
The issuer checks the content of this message and, if it is 
correct, it issues $t_{i+1}$, computes $t_{i+1} \oplus k_{i+1}$ and $h(t_{i+1})$, 
and transmits them to $O_n$. Upon receiving this message, $O_n$ 
sends the former message to the new owner and writes the 
latter one into the tag's memory. The new owner can also 
obtain $t_{i+1}$ by XORing the message received from the 
current owner and the new key stored in the memory. 

$$t_{i+1} = (t_{i+1} \oplus k_{i+1}) \oplus k_{i+1} \tag{26}$$
Fig. 2. Requiring phase 
Fig. 3. Authentication phase 
Fig. 4. Ownership transfer phase 



B. Our Attack 

The adversary A in our attack is one of the previous owners 
of the tag T. Therefore, she has had access to $ID_T$, $k_i$ and 
$k_i^*$, where $ID_T$ is the static ID of the tag T, i.e. the tag's 
electronic product code (EPC), and $k_i$ and $k_i^*$ are the dynamic 
keys of the tag at time instance i, when the tag was in the 
possession of A as the owner. 

Being given the messages exchanged between two tags $T_0$, $T_1$, 
one of which is the tag T, and another owner $O_l$ at two 
consecutive time instances j and j + 1, the adversary follows 
the procedure below to distinguish which of the test tags is 
the tag T. 

1) A retrieves the static identity of the tag T, $ID_T$. 

2) A queries Test(j, $T_0$, $T_1$), Test(j + 1, $T_0$, $T_1$) 
and obtains 

$$\{A_j, N_{T_0}, N_{O_l}, Y_j, Z_j\}, \quad \{A_{j+1}, N'_{T_0}, N'_{O_l}, Y_{j+1}, Z_{j+1}\}$$

$$Y_j = k_j^* \oplus ID_{T_0} \oplus X_j \oplus k_j \tag{27}$$

$$Y_{j+1} = k_{j+1}^* \oplus ID_{T_0} \oplus X_{j+1} \oplus k_{j+1} \tag{28}$$

$$Z_j = CRC(X_j \oplus k_{j+1} \oplus Y_j) \tag{29}$$

$$Z_{j+1} = CRC(X_{j+1} \oplus k_j \oplus Y_{j+1}) \tag{30}$$

From (27), we have: 

$$k_j = k_j^* \oplus Y_j \oplus ID_{T_0} \oplus X_j \tag{31}$$

By substituting $k_j$ from (31) in (30), we can write: 

$$Z_{j+1} = CRC(k_j^* \oplus ID_{T_0} \oplus X_j \oplus X_{j+1} \oplus Y_j \oplus Y_{j+1}) \tag{32}$$

3) Now the adversary A defines the maximum number 
of iterations as $\tau$ and follows the steps below to 
determine whether $T_0$ is the tag T. It should be noted 
that the same process can be used to determine whether 
$T_1$ is the tag T. 

a) $c = 1$ 

b) computes: 

$k_c^* = PRNG^c(k_i^*) = PRNG(PRNG(\ldots(k_i^*)\ldots))$ (c times). 

c) computes 

$X_j = CRC(k_c^* \oplus N_{T_0})$, 

$X_{j+1} = CRC(PRNG(k_c^*) \oplus N'_{T_0})$. 

d) computes $\Delta_x = X_j \oplus X_{j+1}$, $\Delta_y = Y_j \oplus Y_{j+1}$. 

e) If $Z_{j+1} \neq CRC(k_c^* \oplus ID_T \oplus \Delta_x \oplus \Delta_y)$ and $c < \tau$, 
then $c = c + 1$ and go to b. 

f) Else A outputs 0, i.e. $T = T_0$ and $k_j^* = k_c^*$. 

This attack shows that the current owner of tag T will be able 
to trace it at any time in the future. Therefore, we can conclude 
that Chen et al.'s protocol lacks new owner privacy. 
Remark 2. It should be noted that the procedure above will 
work when the number of iterations $\tau$ is less than the number of all 
possible values for the key $k^*$. This implies that if the length 
of the key $k^*$ is n, then $\tau \ll 2^n$. So, the tracing process will 
work efficiently unless the number of passed sessions is 
comparable to $2^n$. 

Remark 3. Any adversary of this kind who has already 
obtained $k_j^*$ from the above procedure is also able to calculate 
$k_{j+1}$ by (23). Then she will be able to extract $t_{j+1}$ from the 
last message of the tag ownership transfer protocol by using 
(26). This results in a more dangerous attack in which the 
current owner is able to even impersonate the tag for future 
interrogations. 
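
The linkability test of steps a) to f), run on a constructed simulation of the tag side of (20)-(22) and (24); this is an added example, not code from the paper or from Chen et al. The CRC-16/CCITT routine, the xorshift PRNG, the opaque `k_next`, the sample keys and all function names are assumptions, and the example goes beyond the two-session procedure by accepting any number of consecutive eavesdropped sessions so that 16-bit CRC collisions do not produce a false match.

```python
import random

def crc16(word):
    """CRC-16/CCITT-FALSE of one 16-bit word (assumed stand-in for the tag's CRC)."""
    crc = 0xFFFF
    for byte in word.to_bytes(2, "big"):
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021 if crc & 0x8000 else crc << 1) & 0xFFFF
    return crc

def prng(state):
    """One 16-bit xorshift step (assumed stand-in for the tag's PRNG)."""
    state ^= (state << 7) & 0xFFFF
    state ^= state >> 9
    state ^= (state << 8) & 0xFFFF
    return state

class Tag:
    """Tag-side key handling as written in (20)-(22) and (24)."""
    def __init__(self, tag_id, k, k_star, rng):
        self.tag_id, self.k, self.k_star, self.rng = tag_id, k, k_star, rng

    def session(self):
        """Run one authentication; return the eavesdropped values (N_T, Y, Z)."""
        n_t = self.rng.getrandbits(16)
        k_next = self.rng.getrandbits(16)   # assumption: next key is opaque to A
        x = crc16(n_t ^ self.k_star)                      # (20)
        y = self.k_star ^ self.tag_id ^ x ^ k_next        # (21)
        z = crc16(x ^ self.k ^ y)                         # (22)
        self.k, self.k_star = k_next, prng(self.k_star)   # (24)
        return n_t, y, z

def pair_matches(tag_id, k_star, first, second):
    """Relation (32): Y of one session carries the key that Z of the next uses."""
    (n_a, y_a, _), (n_b, y_b, z_b) = first, second
    x_a = crc16(k_star ^ n_a)
    x_b = crc16(prng(k_star) ^ n_b)
    return z_b == crc16(k_star ^ tag_id ^ x_a ^ x_b ^ y_a ^ y_b)

def trace(tag_id, old_k_star, transcripts, max_iter):
    """Return c if PRNG^c(old k*) explains every consecutive pair, else None."""
    candidate = old_k_star
    for c in range(1, max_iter + 1):
        candidate = prng(candidate)          # step b: PRNG applied c times
        k_star, linked = candidate, True
        for first, second in zip(transcripts, transcripts[1:]):
            if not pair_matches(tag_id, k_star, first, second):
                linked = False
                break
            k_star = prng(k_star)
        if linked:
            return c
    return None

def demo(elapsed=9, observed=3, max_iter=64):
    """Constructed run: a previous owner tests a target tag and a decoy tag."""
    rng = random.Random(2024)                # fixed seed, reproducible sample data
    target = Tag(0x3A7C, 0x1234, 0xBEEF, rng)
    decoy = Tag(0x5D21, 0x0F0F, 0xC0DE, rng)
    known_id, known_k_star = target.tag_id, target.k_star  # kept by previous owner
    for _ in range(elapsed):                 # sessions the previous owner never sees
        target.session()
        decoy.session()
    seen_target = [target.session() for _ in range(observed)]
    seen_decoy = [decoy.session() for _ in range(observed)]
    return (trace(known_id, known_k_star, seen_target, max_iter),
            trace(known_id, known_k_star, seen_decoy, max_iter))
```

With these constructed values `demo()` returns `(9, None)`: the stored $k^*$ links the target tag after nine unseen sessions and does not link the decoy. The link exists only because (24) derives each new $k^*$ deterministically from a value the previous owner already holds.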

V. Conclusion 

In this paper, we investigated the privacy of two ownership 
transfer protocols. The investigation included attacks that 
target the forward and backward privacy as well as the previous 
and new owner privacy properties. Our results showed that both 
protocols are vulnerable to attacks where the adversary is 
one of the owners in the system. 

Any owner in the system, as well as any adversary with the 
capability of tampering with the tag, is able to trace the tag in 
the previous and future interrogations in the ROTIV protocol. 
Therefore, this protocol lacks the four stated privacy properties: 
forward privacy, backward privacy, previous owner privacy and 
new owner privacy. 

Chen et al.'s protocol was also shown to be susceptible to 
attacks in which the adversary is one of the previous owners 
of the tag, and thus not to fulfil the forward privacy and new 
owner privacy. This protocol also reveals the whole of the tag's 
information to any previous owner and makes the adversary 
capable of impersonating the tag in further interrogations. 